<?php

include 'def.php';

header('content-type: application/json; charset=utf-8');

$type = array('teacher','student','class');

$json_array = array('status'=>'error','error_id'=>'input','error_description'=>'request data error');

session_start();

if( !isset($_SESSION['id']) || empty($_GET) )
{/*do nothing*/
}
elseif( !isset($_GET['id']) || !isset($_GET['type']) )
{/* do nothing */	
}
elseif( !isValidMd5($_GET['id'] ) || empty($_GET['type']) || $_SESSION['id']!=$_GET['id'] )
{/*do nothing*/
}
else{
	$table = $_GET['type'];
	$id = $_GET['id'];
	
	if( !in_array($table, array('teacher','student','class')) )
	{/* do nothing */
		$json_array = array('status'=>'error', 'error_id'=>'$type','error_description'=>'unknown type');	
	}
	else{
		$conn = mysql_connect(DBSERV, DBUSER, DBPASSWD) or die("Couldn't connect to database");
		
		$db = mysql_select_db(DB) or die("Couldn't connect to database");
		
		$query = "select * from $table where {$table}ID = '$id';";

		$result = mysql_query($query) or die('Query_failed: ' . mysql_error());

		/*unique id returns one row*/
		if( mysql_num_rows($result) != 1 )
		{/*something is wrong*/
			$json_array = array('status'=>'error', 'error_id'=>'$id','error_description'=>'data no found');
		}
		else{
			$row = mysql_fetch_assoc($result);
			$json_array = array('status'=>'OK', 'data'=>sprintf('[%s]', json_encode($row)));
		}
	}
}		


echo str_replace('\\', '', json_encode($json_array));

?>